Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-q9dt-caxa-yqfd
Vulnerability ID VCID-q9dt-caxa-yqfd
Aliases CVE-2026-25971
GHSA-8mpr-6xr2-chhc
Summary ImageMagick: MSL - Stack overflow in ProcessMSLScript Magick fails to check for circular references between two MSLs, leading to a stack overflow.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-674 Uncontrolled Recursion
CWE-787 Out-of-bounds Write
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2026-25971
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-8mpr-6xr2-chhc
cvssv3.1_qr MODERATE https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8mpr-6xr2-chhc
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2026-25971
https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
https://github.com/ImageMagick/ImageMagick
CVE-2026-25971 https://nvd.nist.gov/vuln/detail/CVE-2026-25971
GHSA-8mpr-6xr2-chhc https://github.com/advisories/GHSA-8mpr-6xr2-chhc
GHSA-8mpr-6xr2-chhc https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8mpr-6xr2-chhc
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.14144
EPSS Score 0.00045
Published At May 30, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-30T21:07:50.577201+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Magick.NET-Q16-HDRI-arm64/CVE-2026-25971.yml 38.6.0